You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Mauricio Cavalcanti <ma...@hotmail.com> on 2004/08/02 20:20:54 UTC

[users@httpd] TRACE again

Hi,
i made some changes in httpd.conf to my nessus stop boring me with TRACE 
"Vulnerability".

I put 3 lines:
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

in each VH configured in httpd.conf

When i run nessus again, this "vulnerability" disapear in VH that uses port 
80, but not in VH using 443 port.

I made a copy/paste... so no human fail.

Anyone knows what i can do to make this "vulnerability" in apache running in 
443 port disapear?

Thanks in advance,
Mauricio.

_________________________________________________________________
MSN Hotmail, o maior webmail do Brasil.  http://www.hotmail.com


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org